A) Why do you assume an exploit at all? Hopefully you understand that
the vast majority of software crashes in the world are triggered by
benign transactions.
B) From the www.isc.org website:
"BIND 9.4-ESV-R1 is now available. BIND 9.4-ESV-R1 is revision 1 of the
extended release version for BIND 9.4. It is recommended that all BIND
9.4.x users upgrade to BIND 9.4-ESV-R1."
If you have to upgrade anyway, but you're going to stick with 9.4.x, why
would you try to "get away with" running something older and
less-recommended in that generation of BIND 9 than 9.4-ESV-R1?
- Kevin
On 5/10/2010 10:58 AM, P.A wrote:
Stephane, do you think I can get away with running 9.4.3-P5 that doesn't
seem to have any known issues. Also what exploit do you think caused my
original issue?
As far as running an old version its been stable for a long time and to be
honest I forgot I was running that version.
-----Original Message-----
From: Stephane Bortzmeyer [mailto:bortzme...@nic.fr]
Sent: Monday, May 10, 2010 10:24 AM
To: P.A
Cc: bind-users@lists.isc.org
Subject: Re: KAMINSKY vulnerability !!
On Mon, May 10, 2010 at 10:05:47AM -0400,
P.A<ra...@meganet.net> wrote
a message of 242 lines which said:
My question is did I just get rid by the kaminsky vulnerability?
Not at all. The Kaminsky attack poisons the server, it does not crash
it.
Primary server: BIND 9.4.3b2
Why do you run a beta version (and an old one)?
This issue is known
<http://www.mail-archive.com/bind-us...@isc.org/msg00323.html> and has
been fixed in production versions a long time ago.
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
